Security News > 2020 > November > Meet the hackers who earn millions for saving the web, one bug at a time
A number of companies now run their own bug bounty programs, which allow hackers to report the flaws they find in their software.
According to HackerOne, which organised the events that Paxton-Fear attended and organises bug bounties for big businesses and government agencies, nine hackers have now earned more than $1m each in rewards for spotting vulnerabilities.
Hackers earned 38% more in bounty payments compared with 2019, according to data from Bugcrowd, another bug bounty program company, which calculates that its hackers prevented $8.9bn in cybercrime by finding and allowing companies to fix bugs that would otherwise have let attackers into their systems.
This may prove to be one of the limiting factors for the bug bounty business model, because most of the hackers focus on web security rather than these more complicated areas which often require additional skills and experience.
"As long as there are bugs in software, there are security bugs, and somebody's got to find them. Bug bounties are a good way to encourage an outside look. Bug bounties as a concept are here to stay for the foreseeable future until we get perfect robots writing our code that don't make mistakes."